Cloudflare mitigated new record-breaking DDoS attack of 3.8 Tbps

Cloudflare recently mitigated a new record-breaking DDoS attack, peaking at 3.8 Tbps and 2.14 billion packets per second (Pps).

Cloudflare reported that starting from early September, it has mitigated over 100 hyper-volumetric L3/4 DDoS attacks, with many exceeding 2 billion Pps and 3 Tbps. The largest DDoS attack peaked at 3.8 Tbps, that is the highest ever publicly disclosed.

“Cloudflare’s defenses mitigated over one hundred hyper-volumetric L3/4 DDoS attacks throughout the month, with many exceeding 2 billion packets per second (Bpps) and 3 terabits per second (Tbps). The largest attack peaked 3.8 Tbps — the largest ever disclosed publicly by any organization. Detection and mitigation was fully autonomous” reads the post published by Cloudflare.

The company pointed out that it has detected and mitigated the attack with its automated processes.

DDoS attack

The scale and frequency of recent DDoS attacks are unprecedented, with experts warning they could overwhelm unprotected internet infrastructure.

The campaign that started in September targets the financial, internet, and telecom industries. The DDoS attacks predominantly use UDP traffic originated from compromised devices globally, with major sources in Vietnam, Russia, Brazil, Spain, and the US.

The experts noticed that high packet rate attacks is generated from compromised MikroTik devices, DVRs, and web servers, while high bitrate attacks are linked to compromised ASUS routers, likely exploited via a critical, improper authentication flaw (CVE-2024-3080, CVSS score of 9.8) in ASUS routers.

The previous record-breaking volumetric DDoS attack was reported by Microsoft in late 2021, peaking at 3.47 Tbps with a packet rate of 340 million Pps. The largest attack previously seen by Cloudflare peaked at 2.6 Tbps.

“The scale and frequency of these attacks are unprecedented. Due to their sheer size and bits/packets per second rates, these attacks have the ability to take down unprotected Internet properties, as well as Internet properties that are protected by on-premise equipment or by cloud providers that just don’t have sufficient network capacity or global coverage to be able to handle these volumes alongside legitimate traffic without impacting performance.” concludes Cloudflare. “Cloudflare, however, does have the network capacity, global coverage, and intelligent systems needed to absorb and automatically mitigate these monstrous attacks.”

Pierluigi Paganini

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

(SecurityAffairs – hacking, DDoS attack)